Information Security Associate

At PwC, we help clients build trust and reinvent so they can turn complexity into competitive advantage. We’re a tech-forward, people-empowered network with more than 370,000 people in 149 countries. Across audit and assurance, tax and legal, deals and consulting we help clients build, accelerate and sustain momentum. Find out more at www.pwc.com.If you love the business side of information security this is the place to be. Within the CISO pillar we work closely with member firm stakeholders to understand their business model and roadmap for technology.In turn the CISO pillar outlines the roadmap for NIS and drives engagement and adoption of central security services in line with the PwC Cyber Readiness program.Our mission is to identify, control, and reduce the attack surface across the network of member firms while increasing our adversaries’ cost of attack.Network Information Security team is redefining cyber security on a global scale at PwC. Our mission protects 223,000 PwC members across 157 member firms worldwide, as well as our global clients.If you are seeking an exciting career with the scope to grow your information and cyber security skills, then NIS will empower you to do so.Roles & Responsibilities:Project Support:Assist in the planning, execution, and monitoring of projects.Utilise strong critical thinking and problem solving skills day to dayCollaborate with team members to ensure project deliverables are met on time and within scope.Prepare and maintain project documentation, including reports, presentations, and meeting minutes.Quickly adapt to changing priorities and project requirements.Demonstrate flexibility in managing tasks and responsibilities in a dynamic work environment.Proactively identify and address potential issues or roadblocks to ensure smooth project execution.Work with other NIS teams both locally, regionally and globally to deliver the security needs specific to the firm.Compliance and Vulnerability Management:Support work in vulnerability management and compliance activitiesHandles BAU activities such as managing security exceptionsHelp the business comply with the Information Security Policy by leveraging your cyber security knowledge and expertise.Collaborate with PwC IT and global team to align security process and tools.Application Security:Guide and support the business team to complete all required security reviewsBuild knowledge on application security to effectively support security assessmentsAlign with different global and local teams to identify and fix gaps or risk found.OtherHelp with daily security incident handlingHelp to manage junior staff, eg. internsAn effective CISO pillar candidate will also possess the following skills/ RequirementsAble to work in a fast-paced environment, can upskill quickly and learn proactivelyAnalytical: Inquisitive nature and intuition regarding what questions to ask, when, and their relative significance.Technical: Broad understanding of security technology.Business: High level understanding of PwC’s business model, service offerings, and business operating environment as it pertains to the firm’s threat landscape. Ability to frame threats and exposures in a business context recognized by non-technical staff and executives.Individuals selected for this role are expected to have both extensive knowledge and managerial know-how related to the following aspects: Demonstrate flexibility in managing tasks and responsibilities in a dynamic work environmentUnderstanding of technical and non-technical information security risks.Have skills to analyse data and visualise data (good to have knowledge of Excel, PowerPoint etc.)Good written and effective communicator to deal with various stakeholdersMeticulous and possesses an eye for detailsProactive, keen to learn, enjoys solving challenging problems, thinking outside of the boxDiligent and open to feedbackExperience in a role balanced between business stakeholders and a central service organization.Possess knowledge about application security to effectively support security assessmentsTime and Task Management: Ability to prioritise risk, manage a variety of take, take ownership to drive completion of activities and deliver on timeEducation and Experience:Interest in Information SecurityBachelor’s or master’s degree (technical degree) or equivalent Industry certification Candidate Specifications:Desired Certifications: (Certifications aren’t a prerequisite however are well regarded)Education Level: Undergraduate Degree (e.g. BIT, BSc) STEM or equivalent work experience: 2 - 4 years’ of progressive professional roles involving information security, computer science and/or other technical background